package cn.java71.servlet;

import javax.servlet.*;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpServletRequest;
import java.io.IOException;

@WebFilter(filterName = "roleFilter",value = "/*")
public class RoleFilter implements Filter {
    public void destroy() {
    }

    public void doFilter(ServletRequest req, ServletResponse resp, FilterChain chain) throws ServletException, IOException {
        HttpServletRequest request = (HttpServletRequest) req;
        String path=request.getServletPath();
        System.out.println("进入了权限的过滤器"+path);
        try {
            //部分地址不需要验证，直接放行
            if(path.equals("/index.jsp")||path.equals("/doLogin.jsp")||path.endsWith(".js")||path.endsWith(".css")||path.endsWith(".jpg")){
                chain.doFilter(req, resp);
                return;
            }
            if (request.getSession().getAttribute("LOGIN_USER") == null) {
                request.setAttribute("msg", "您没有登录，无权访问");
                request.getRequestDispatcher("/index.jsp").forward(request, resp);
                return;
            }
            chain.doFilter(req, resp);
        }finally {
            System.out.println("离开了权限的过滤器");
        }
    }

    public void init(FilterConfig config) throws ServletException {

    }

}
